
CVE-2026-2836: Vulnerability in Cloudflare https://github.com/cloudflare/pingora

Severity: High
Published: Wed Mar 04 2026 (03/04/2026, 23:44:56 UTC)
Source: CVE Database V5
Vendor/Project: Cloudflare
Product: https://github.com/cloudflare/pingora

Description

A cache poisoning vulnerability has been found in the Pingora HTTP proxy framework’s default cache key construction. The issue occurs because the default HTTP cache key implementation generates cache keys using only the URI path, excluding critical factors such as the host header (authority). Operators relying on the default are vulnerable to cache poisoning, and cross-origin responses may be improperly served to users.

Impact

This vulnerability affects users of Pingora's alpha proxy caching feature who relied on the default CacheKey implementation. An attacker could exploit this for:

* Cross-tenant data leakage: In multi-tenant deployments, poison the cache so that users from one tenant receive cached responses from another tenant
* Cache poisoning attacks: Serve malicious content to legitimate users by poisoning shared cache entries

Cloudflare's CDN infrastructure was not affected by this vulnerability, as Cloudflare's default cache key implementation uses multiple factors to prevent cache key poisoning and never made use of the previously provided default.

Mitigation

We strongly recommend Pingora users to upgrade to Pingora v0.8.0 or higher, which removes the insecure default cache key implementation. Users must now explicitly implement their own callback that includes appropriate factors such as Host header, origin server HTTP scheme, and other attributes their cache should vary on.

Pingora users on previous versions may also remove any of their default CacheKey usage and implement their own that should at minimum include the host header / authority and upstream peer’s HTTP scheme.

AI-Powered Analysis

Last updated: 03/05/2026, 00:17:33 UTC

Technical Analysis

CVE-2026-2836 identifies a cache poisoning vulnerability in the Pingora HTTP proxy framework, specifically in its default cache key construction used in the alpha proxy caching feature. The vulnerability arises because the default cache key implementation generates keys solely based on the URI path, omitting critical components such as the host header (authority) and the upstream peer’s HTTP scheme.

This flawed design allows an attacker to poison the cache by injecting malicious or cross-origin responses that are then served to other users, potentially from different tenants in multi-tenant deployments. The impact includes cross-tenant data leakage, where one tenant may receive cached responses intended for another, and cache poisoning attacks that can deliver malicious content to legitimate users. Cloudflare’s own CDN infrastructure is unaffected as it employs a more comprehensive cache key strategy that incorporates multiple factors to prevent such poisoning.

The vulnerability affects Pingora versions prior to 0.8.0, which used the insecure default cache key. Exploitation requires no privileges and no authentication but does require user interaction (e.g., triggering cached requests). The CVSS 4.0 score is 8.4 (high), reflecting the ease of exploitation and significant confidentiality and integrity impacts.

Mitigation requires upgrading to Pingora v0.8.0 or later, which removes the insecure default and mandates explicit cache key callback implementations that include the host header, HTTP scheme, and other relevant attributes. Users on earlier versions should replace default cache key usage with custom implementations that at minimum consider the host header and upstream peer scheme to prevent cache poisoning.

Potential Impact

The vulnerability poses a significant risk to organizations using Pingora’s alpha proxy caching feature with default cache key settings, especially in multi-tenant environments. Attackers can exploit this flaw to poison caches, leading to cross-tenant data leakage where sensitive information from one tenant is exposed to another. Additionally, cache poisoning can be used to serve malicious content to legitimate users, potentially facilitating phishing, malware distribution, or other attacks. This undermines the confidentiality and integrity of cached data and can damage trust in the affected services. Since the vulnerability requires no privileges and no authentication, it can be exploited by remote attackers with minimal barriers, increasing the risk of widespread abuse. However, the scope is limited to deployments using the vulnerable Pingora versions and default cache key implementations. Cloudflare’s own CDN infrastructure is not impacted, limiting the risk to third-party users of Pingora. Organizations relying on Pingora for HTTP proxy caching must address this vulnerability promptly to avoid data leakage and malicious content delivery.

Mitigation Recommendations

1. Upgrade immediately to Pingora version 0.8.0 or higher, which removes the insecure default cache key implementation.
2. For users unable to upgrade promptly, remove any usage of the default CacheKey implementation and develop a custom cache key callback that includes at minimum the host header (authority) and the upstream peer’s HTTP scheme.
3. Ensure that cache keys vary on all relevant HTTP request attributes that distinguish tenants or origins, such as Host header, scheme, and any other headers or parameters critical to cache partitioning.
4. Conduct thorough testing of cache behavior after implementing custom cache keys to verify that cross-origin or cross-tenant cache poisoning is not possible.
5. Monitor proxy logs for unusual cache hits or responses that may indicate attempted cache poisoning.
6. Educate development and operations teams about the importance of proper cache key construction in proxy caching to prevent similar vulnerabilities.
7. Review and audit other caching layers or proxies in the environment to ensure they do not suffer from similar cache key construction issues.
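
The cache partitioning that recommendations 2 to 4 call for, as an added example that is not Pingora's code and does not use its API: a constructed request type and a toy in-memory cache put a path-only key next to a key that includes scheme and host, and `cross_tenant_hit` is the kind of check to run after changing key construction. All names (`Req`, `path_only_key`, `partitioned_key`, `Cache`, `cross_tenant_hit`) and the tenant hostnames are assumptions made for illustration.

```rust
use std::collections::HashMap;

/// Constructed request model (not Pingora's types).
pub struct Req {
    pub scheme: &'static str, // upstream peer's HTTP scheme
    pub host: &'static str,   // Host header / authority
    pub path: &'static str,   // URI path
}

/// Models the removed default: the key is the URI path alone.
pub fn path_only_key(r: &Req) -> String {
    r.path.to_string()
}

/// Models the advisory's minimum: scheme + authority + path. The host is
/// lowercased and every field is length-prefixed so fields cannot run together.
pub fn partitioned_key(r: &Req) -> String {
    let host = r.host.to_ascii_lowercase();
    format!("{}:{}|{}:{}|{}:{}", r.scheme.len(), r.scheme, host.len(), host, r.path.len(), r.path)
}

/// Toy shared cache; a miss stores the body the (simulated) origin returns.
pub struct Cache<F: Fn(&Req) -> String> {
    key_fn: F,
    store: HashMap<String, String>,
}

impl<F: Fn(&Req) -> String> Cache<F> {
    pub fn new(key_fn: F) -> Self { Cache { key_fn, store: HashMap::new() } }
    pub fn serve(&mut self, r: &Req) -> String {
        let key = (self.key_fn)(r);
        let origin = format!("body-for-{}://{}{}", r.scheme, r.host, r.path);
        self.store.entry(key).or_insert(origin).clone()
    }
}

/// True when tenant B's request is answered with tenant A's cached body.
pub fn cross_tenant_hit<F: Fn(&Req) -> String>(key_fn: F) -> bool {
    let a = Req { scheme: "https", host: "tenant-a.example", path: "/account" };
    let b = Req { scheme: "https", host: "tenant-b.example", path: "/account" };
    let mut cache = Cache::new(key_fn);
    let body_a = cache.serve(&a);
    cache.serve(&b) == body_a
}

fn main() {
    println!("path-only leaks: {}", cross_tenant_hit(path_only_key));
    println!("partitioned leaks: {}", cross_tenant_hit(partitioned_key));
}
```

In a real deployment the same assertion belongs in an integration test that sends identical paths under two different Host values through the proxy and compares the responses.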


Technical Details

Data Version: 5.2
Assigner Short Name: cloudflare
Date Reserved: 2026-02-19T21:33:42.425Z
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 69a8c847d1a09e29cb860502

Added to database: 3/5/2026, 12:03:19 AM

Last enriched: 3/5/2026, 12:17:33 AM

Last updated: 3/5/2026, 3:23:56 AM
